mirror of
https://github.com/veracrypt/VeraCrypt.git
synced 2026-06-09 22:36:59 -05:00
Linux/macOS: Implement missing Argon2 KDF support on Unix
+47
-10
@@ -27,15 +27,22 @@ namespace VeraCrypt
|
||||
public:
|
||||
virtual ~Pkcs5Kdf ();
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, int pim, const ConstBufferPtr &salt) const;
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const = 0;
|
||||
virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, int pim, const ConstBufferPtr &salt) const;
|
||||
virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const = 0;
|
||||
static shared_ptr <Pkcs5Kdf> GetAlgorithm (const wstring &name);
|
||||
static shared_ptr <Pkcs5Kdf> GetAlgorithm (const Hash &hash);
|
||||
static Pkcs5KdfList GetAvailableAlgorithms ();
|
||||
virtual shared_ptr <Hash> GetHash () const = 0;
|
||||
virtual wstring GetDerivationFailureMessage (int result) const;
|
||||
virtual int GetDefaultPim () const { return 485; }
|
||||
virtual const char *GetPimHelpMessageId () const { return "PIM_HELP"; }
|
||||
virtual const char *GetPimLargeWarningMessageId () const { return "PIM_LARGE_WARNING"; }
|
||||
virtual const char *GetPimSmallWarningMessageId () const { return "PIM_SMALL_WARNING"; }
|
||||
virtual const char *GetPimRequireLongPasswordMessageId () const { return "PIM_REQUIRE_LONG_PASSWORD"; }
|
||||
virtual int GetIterationCount (int pim) const = 0;
|
||||
virtual wstring GetName () const = 0;
|
||||
virtual Pkcs5Kdf* Clone () const = 0;
|
||||
virtual bool IsArgon2 () const { return false; }
|
||||
virtual bool IsDeprecated () const { return GetHash()->IsDeprecated(); }
|
||||
|
||||
protected:
|
||||
@@ -55,8 +62,9 @@ namespace VeraCrypt
|
||||
Pkcs5HmacBlake2s_Boot () : Pkcs5Kdf() { }
|
||||
virtual ~Pkcs5HmacBlake2s_Boot () { }
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Blake2s); }
|
||||
virtual int GetDefaultPim () const { return 98; }
|
||||
virtual int GetIterationCount (int pim) const { return pim <= 0 ? 200000 : (pim * 2048); }
|
||||
virtual wstring GetName () const { return L"HMAC-BLAKE2s-256"; }
|
||||
virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacBlake2s_Boot(); }
|
||||
@@ -72,7 +80,7 @@ namespace VeraCrypt
|
||||
Pkcs5HmacBlake2s () : Pkcs5Kdf() { }
|
||||
virtual ~Pkcs5HmacBlake2s () { }
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Blake2s); }
|
||||
virtual int GetIterationCount (int pim) const { return pim <= 0 ? 500000 : (15000 + (pim * 1000)); }
|
||||
virtual wstring GetName () const { return L"HMAC-BLAKE2s-256"; }
|
||||
@@ -90,8 +98,9 @@ namespace VeraCrypt
|
||||
Pkcs5HmacSha256_Boot () : Pkcs5Kdf() { }
|
||||
virtual ~Pkcs5HmacSha256_Boot () { }
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha256); }
|
||||
virtual int GetDefaultPim () const { return 98; }
|
||||
virtual int GetIterationCount (int pim) const { return pim <= 0 ? 200000 : (pim * 2048); }
|
||||
virtual wstring GetName () const { return L"HMAC-SHA-256"; }
|
||||
virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha256_Boot(); }
|
||||
@@ -107,7 +116,7 @@ namespace VeraCrypt
|
||||
Pkcs5HmacSha256 () : Pkcs5Kdf() { }
|
||||
virtual ~Pkcs5HmacSha256 () { }
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha256); }
|
||||
virtual int GetIterationCount (int pim) const { return pim <= 0 ? 500000 : (15000 + (pim * 1000)); }
|
||||
virtual wstring GetName () const { return L"HMAC-SHA-256"; }
|
||||
@@ -124,7 +133,7 @@ namespace VeraCrypt
|
||||
Pkcs5HmacSha512 () : Pkcs5Kdf() { }
|
||||
virtual ~Pkcs5HmacSha512 () { }
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha512); }
|
||||
virtual int GetIterationCount (int pim) const { return (pim <= 0 ? 500000 : (15000 + (pim * 1000))); }
|
||||
virtual wstring GetName () const { return L"HMAC-SHA-512"; }
|
||||
@@ -141,7 +150,7 @@ namespace VeraCrypt
|
||||
Pkcs5HmacWhirlpool () : Pkcs5Kdf() { }
|
||||
virtual ~Pkcs5HmacWhirlpool () { }
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Whirlpool); }
|
||||
virtual int GetIterationCount (int pim) const { return (pim <= 0 ? 500000 : (15000 + (pim * 1000))); }
|
||||
virtual wstring GetName () const { return L"HMAC-Whirlpool"; }
|
||||
@@ -158,7 +167,7 @@ namespace VeraCrypt
|
||||
Pkcs5HmacStreebog () : Pkcs5Kdf() { }
|
||||
virtual ~Pkcs5HmacStreebog () { }
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Streebog); }
|
||||
virtual int GetIterationCount (int pim) const { return pim <= 0 ? 500000 : (15000 + (pim * 1000)); }
|
||||
virtual wstring GetName () const { return L"HMAC-Streebog"; }
|
||||
@@ -168,6 +177,33 @@ namespace VeraCrypt
|
||||
Pkcs5HmacStreebog (const Pkcs5HmacStreebog &);
|
||||
Pkcs5HmacStreebog &operator= (const Pkcs5HmacStreebog &);
|
||||
};
|
||||
|
||||
#ifndef VC_DCS_DISABLE_ARGON2
|
||||
class Pkcs5Argon2 : public Pkcs5Kdf
|
||||
{
|
||||
public:
|
||||
Pkcs5Argon2 () : Pkcs5Kdf() { }
|
||||
virtual ~Pkcs5Argon2 () { }
|
||||
|
||||
virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, int pim, const ConstBufferPtr &salt) const;
|
||||
virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual wstring GetDerivationFailureMessage (int result) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Blake2b); }
|
||||
virtual int GetDefaultPim () const { return 12; }
|
||||
virtual const char *GetPimHelpMessageId () const { return "PIM_ARGON2_HELP"; }
|
||||
virtual const char *GetPimLargeWarningMessageId () const { return "PIM_ARGON2_LARGE_WARNING"; }
|
||||
virtual const char *GetPimSmallWarningMessageId () const { return "PIM_ARGON2_SMALL_WARNING"; }
|
||||
virtual const char *GetPimRequireLongPasswordMessageId () const { return "PIM_ARGON2_REQUIRE_LONG_PASSWORD"; }
|
||||
virtual int GetIterationCount (int pim) const;
|
||||
virtual wstring GetName () const { return L"Argon2"; }
|
||||
virtual Pkcs5Kdf* Clone () const { return new Pkcs5Argon2(); }
|
||||
virtual bool IsArgon2 () const { return true; }
|
||||
|
||||
private:
|
||||
Pkcs5Argon2 (const Pkcs5Argon2 &);
|
||||
Pkcs5Argon2 &operator= (const Pkcs5Argon2 &);
|
||||
};
|
||||
#endif
|
||||
|
||||
class Pkcs5HmacStreebog_Boot : public Pkcs5Kdf
|
||||
{
|
||||
@@ -175,8 +211,9 @@ namespace VeraCrypt
|
||||
Pkcs5HmacStreebog_Boot () : Pkcs5Kdf() { }
|
||||
virtual ~Pkcs5HmacStreebog_Boot () { }
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Streebog); }
|
||||
virtual int GetDefaultPim () const { return 98; }
|
||||
virtual int GetIterationCount (int pim) const { return pim <= 0 ? 200000 : pim * 2048; }
|
||||
virtual wstring GetName () const { return L"HMAC-Streebog"; }
|
||||
virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacStreebog_Boot(); }
|
||||
|
||||
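Review bot: The new `int` result of `DeriveKey` in the first hunk (both `Pkcs5Kdf` overloads, repeated on every override in the later hunks) has no documented contract, and a call site that still treats the call as `void` will compile unchanged and go on to use whatever is in `key`. Because `GetDerivationFailureMessage (int result)` is added next to it, the value presumably carries a derivation error code; I would say so on the base declaration, for example `// Returns 0 on success; on any other value 'key' must not be used (see GetDerivationFailureMessage).`, with the success value confirmed against the implementation, which is not visible here. In the `Pkcs5Argon2` hunk the `iterationCount` overload has no parameter for memory cost, so a comment stating how that overload picks it, or that callers must go through the `pim` overload, would help. The call sites are outside this file section, so whether each of them checks the result cannot be verified from this page.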